Actions
Security #6
closedUpdate PHP Mailer to version 5.2.22
Status:
Done
Priority:
Dringend
Assignee:
-
Target version:
-
Start date:
2017-02-12
Due date:
% Done:
0%
Estimated time:
Description
https://github.com/PHPMailer/PHPMailer
SECURITY Fix CVE-2017-5223, local file disclosure vulnerability if content passed to msgHTML() is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to msgHTML() without a $basedir will not import images with relative URLs, and relative URLs containing .. will be ignored.
Updated by Anonymous over 7 years ago
- Status changed from New to Done
- Priority changed from Normal to Dringend
upgrade to 5.2.22 done
Actions